ClawHub

work-fllows

v1.0.0

Guide AI to create NocoBase workflows — triggers, conditions, data operations, SQL, scheduling

0· 144·0 current·0 all-time
byliu xiansen@alexander-lq
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description and the SKILL.md content align: the document provides patterns and helper calls for creating NocoBase workflows (triggers, nodes, scheduling, SQL). Declared tools (nb_create_workflow, nb_add_node, etc.) are consistent with the stated goal.
Instruction Scope
Instructions focus on creating workflows and node patterns. However the workflows include 'sql' nodes (raw SQL execution) and 'request' nodes (HTTP calls) which are powerful capabilities — the SKILL.md shows examples that perform UPDATEs and external requests. The instructions themselves do not instruct reading unrelated system files or environment variables.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing is written to disk or downloaded by the skill itself.
Credentials
The skill declares no required environment variables or credentials. That is plausible for an instruction-only document, but the tool names imply platform-provided actions that will need authentication to a NocoBase instance; the skill does not document required credentials or required permission scope for those operations.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent presence or modify other skills/config. Autonomous invocation is allowed by default on the platform but the skill does not request extra privileges.
Assessment
This skill appears to be an instruction template for creating NocoBase workflows and is internally consistent. Before installing or using it, verify: (1) how the platform's nb_* tools authenticate to your NocoBase instance and whether that account has limited permissions (avoid using an admin account if possible); (2) review any workflow that includes 'sql' or 'request' nodes — they can run arbitrary SQL and call external endpoints, so audit them for unsafe queries or data leaks; (3) test workflows in a staging environment first; and (4) note the skill has no homepage and an unknown owner, so prefer caution and manual review of any generated workflow definitions before enabling them in production.

Like a lobster shell, security has layers — review code before you run it.

latestvk976xem3gv7vysbv0ppkfjph1583359x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments